IA-12(1): Supervisor Authorization
(Not part of any baseline)
Control is new to this version of the control set and incorporates the following control from the previous version: IA-4(2): Supervisor Authorization.
Require that the registration process to receive an account for logical access includes supervisor or sponsor authorization.
Including supervisor or sponsor authorization as part of the registration process provides an additional level of scrutiny to ensure that the user's management chain is aware of the account, the account is essential to carry out organizational missions and functions, and the user's privileges are appropriate for the anticipated responsibilities and authorities within the organization.